Canada’s financial regulator is warning banks and insurance companies they need to beef up protection against advanced cyber intrusions from a growing list of actors.

“The increasing frequency and sophistication of recent cyber-attacks has resulted in an elevated risk profile for many organizations around the world,” the Office of the Superintendent of Financial Institutions said in a note earlier this week. “As a result, significant attention has recently been paid to the overall level of preparedness against such attacks by these organizations, including financial institutions…”

OSFI said it expects financial institutions to monitor their level of preparedness, and to this end it provided guidance on how companies should conduct a “self-assessment.”

Salim Hasham, an associate partner at PwC Consulting, said banks “have been at the forefront of [cyber] security for a long time” because they realize “they are really just very complex information organizations.”

“If you look at a bank today, it’s really just an IT company that takes deposits,” he said.